The author here. DriverKit is really a no-go. A while back I was asked to do a project based on DriverKit; it took me nowhere because of countless bugs and semi-implemented features. Worse yet, it caused system crashes (and it was supposed to be stable).
Maybe they also shouldn't ship garbage that doesn't work and expect others to debug it?
Maybe this should also happen before you deprecate and make it essentially impossible to install kexts?
(It's possible, but trying to walk users through it is a great way to lose 99% of your user base instantly)
(My experience with DriverKit is identical to the parent's)
The whole "we removed it for security reasons" is also a hilarious facade.
The Linux kernel has a much more expansive (heck, crazy!) driver interface and number of drivers.
Yet, the rate of system compromise due to them vs applications/servers is probably 99 to 1 in favor of applications/servers.
That’s because applications have a bunch of easy logic bugs to exploit rather than weird memory corruption you have to wrangle with in a driver, not because the drivers are any more secure.
> The drivers you build with DriverKit run in user space, rather than as kernel extensions, which improves system stability and security. You create your driver as an app extension and deliver it inside your existing app.
makes it seem like every consumer who wants to use something FUSE-y would have to ship their own impl, right?
and I shudder to think of the heartache required with signing or whatever Apple gatekeeping is going on nowadays